p2p.wrox.com Forums

p2p.wrox.com Forums (http://p2p.wrox.com/index.php)
-   BOOK: Beginning PHP 6, Apache, MySQL 6 Web Development ISBN: 9780470391143 (http://p2p.wrox.com/forumdisplay.php?f=476)
-   -   Chapter 12 update_user.php issues (http://p2p.wrox.com/showthread.php?t=74299)

sgtwwilson May 7th, 2009 08:42 PM

Chapter 12 update_user.php issues
 
I seem to be having a problem with both the code in the book and the downloaded code in Chapter 12. The update_user.php file is performing incorrectly.

When I update user information from the admin screen, all users in the table get updated with the new information... eg. if I change a first name to fred... everyone in the db's first name becomes fred. I assume there is an issue with the query...

here is the code from WROX

// No errors so enter the information into the database.

PHP Code:

   if (!empty($password)) {
            
$query 'UPDATE site_user SET
                    password = PASSWORD("' 
.
                        
mysql_real_escape_string($password$db) . '")
                WHERE
                    user_id = ' 
$user_id;
            
mysql_query($query$db) or die(mysql_error());
        }

        
$query 'UPDATE site_user u, site_user_info SET
            username = "' 
mysql_real_escape_string($username$db) . '",
            first_name = "' 
mysql_real_escape_string($first_name$db) . '",
            last_name = "' 
mysql_real_escape_string($last_name$db) . '",
            email = "' 
mysql_real_escape_string($email$db) . '",
            city = "' 
mysql_real_escape_string($city$db) . '",
            state = "' 
mysql_real_escape_string($state$db) . '",
            hobbies = "' 
mysql_real_escape_string(join(', '$hobbies), $db) . '"
          WHERE
            u.user_id = ' 
$user_id;
        
mysql_query($query$db) or die(mysql_error());
        
mysql_close($db); 

anyone know how to fix this?

-K

sgtwwilson May 7th, 2009 08:46 PM

misformed query...
 
I've figured this out...


it looks like there needs to be a join to the site_user_info table or else the entire table gets updated...

Guess this qualifies as errata.

I edited the query to look like this and it works fine now.

PHP Code:


(snip)
$query 'UPDATE 
                    site_user u JOIN site_user_info i ON u.user_id = i.user_id 
                SET
                    username = "' 
mysql_real_escape_string($username$db) . '",
                    first_name = "' 
mysql_real_escape_string($first_name$db) . '",
                    last_name = "' 
mysql_real_escape_string($last_name$db) . '",
                    email = "' 
mysql_real_escape_string($email$db) . '",
                    city = "' 
mysql_real_escape_string($city$db) . '",
                    state = "' 
mysql_real_escape_string($state$db) . '",
                    hobbies = "' 
mysql_real_escape_string(join(', '$hobbies), $db) . '"
                  WHERE
                    u.user_id = ' 
$user_id



All times are GMT -4. The time now is 07:52 PM.

Powered by vBulletin®
Copyright ©2000 - 2020, Jelsoft Enterprises Ltd.
© 2013 John Wiley & Sons, Inc.